<?php

// *** Documentation
/*______________________________________________________________________________

CEO Access Control Extension Default Template File

Last Update: Sep 2007
Author: Tom at klenwell@gmail.com

SUMMARY
  This is the default login form template for the ACE extension 
		
NOTES
  The are four basic panels to any template:
  
    Head, Masthead, Core, Footer
    
  All other blocks are sub-elements of these panels  
  
______________________________________________________________________________*/

// *** Template Requirements

  // ceo form object: LoginForm (from login.ctrl.php)
  if ( !is_object($this->LoginForm) ) trigger_error('this template requires form obj [$this->LoginForm]', E_USER_ERROR);

  // html declarations
  $_HTML['head'] = '';
  $_HTML['prompt'] = '';
  $_HTML['form'] = '';
  $_HTML['logout_bx'] = '';
  $_HTML['status'] = '';
  $_HTML['footer'] = '';
  $_HTML['signup_link'] = '';
  
  
// *** Configure Dynamic Elements

  // project settings
  global $PROJECT;
  $project_name = ( !empty($PROJECT['name']) ) ? $PROJECT['name'] : 'member';
  
  // form settings (for js hashing)
  $form_action = ( !empty($this->login_action) ) ? $this->login_action : $this->_get_url_self(0);
  $ace_form_name = 'ace_login_form';
  $hash_form_name = 'ace_hash_form';
  $js_login_bx_label = 'protected login';

  // head settings
  $head_title = ucwords("$project_name login form");
  $head_descrip = "$project_name login form";
  $head_keywords = ( !empty($PROJECT['keywords']) ) ? $PROJECT['keywords'] : 'forbidden, closet, of, mystery';
  $head_ext_css = ( !empty($this->css_link) ) ? '<link href="'.$this->css_link.'" type="text/css" rel="stylesheet" />' : '';
  $head_int_css = ( !empty($this->css) ) ? '<style type="text/css">'."\n".$this->css."\n".'</style>' : '';
  
  // favicon
  $head_favicon1 = '';
  $head_favicon2 = '';
  $favicon_lock = ( !empty($this->favicon_lock) ) ? $this->favicon_lock : '';
  $favicon_nojs = ( !empty($this->favicon_nojs) ) ? $this->favicon_nojs : ''; 
  
  if ( !empty($favicon_lock) )
  {
    $head_favicon1 = <<<HTML
  <link rel="shortcut icon" href="{$favicon_lock}" type="image/vnd.microsoft.icon" />
  <link rel="icon" href="{$favicon_lock}" type="image/vnd.microsoft.icon" />
  <link rel="shortcut icon" href="{$favicon_lock}" />    
HTML;
  }
  
  if ( !empty($favicon_nojs) )
  {
    $head_favicon2 = <<<HTML
<noscript>
  <link rel="shortcut icon" href="{$favicon_nojs}" type="image/vnd.microsoft.icon" />
  <link rel="icon" href="{$favicon_nojs}" type="image/vnd.microsoft.icon" />
  <link rel="shortcut icon" href="{$favicon_nojs}" />
</noscript>    
HTML;
  }
  
  // form objects
  $_HTML['submit_bx'] = $this->LoginForm->add_button($type='submit', $label='login');
	$_HTML['login_name'] = $this->LoginForm->EL['login_name']->print_block(12);
	$_HTML['login_pw'] = $this->LoginForm->EL['login_pw']->print_block(12);
  $_HTML['noscript_flag'] = CeoFormElement::static_build_hidden_input($this->noscript_flag, 1);
  
  // links
  if ( !empty($this->signup_url) )
  {
    $_HTML['signup_link'] = <<<HTML
<div class="ace_signup_link">
<a href="{$this->signup_url}">sign up now</a>
</div>
HTML;
  }
  
  // css
  $_CSS['login_form'] = <<<CSS
  
#ceo_login_page 
{
 font-family:arial,sans-serif;
 font-size:14px;
 color:#666;
}  
#ceo_login_panel 
{
 width:400px;
 margin:24px auto 12px;
 padding:1em;
 border:1px solid #ccc;
}
#ceo_login_panel h2 
{
 margin:0; 
 color:#369; 
}

/* prompt list */
ul.ace_prompt_list 
{ 
 margin:16px 0;
 padding-left:0;
}
ul.ace_prompt_list li 
{
 list-style:none; 
 margin:0; padding:0;
 line-height:1.3em;
 color:#39c;
 font-size:12px;
}

/* form fields */
#ceo_login_panel .ceo_element { margin:0 0 8px; }
#ceo_login_panel .ceo_element label
{
 float:left; clear:left;
 width:80px;
 padding-top:4px;
 color:#369;;
}

  
CSS;
  
  // debug
  if ( $this->debug && $this->LoginForm->is_submitted() ) $this->print_d('form is submitted', 'green');
  #if ( !empty($_POST) ) { $this->print_d(print_r($_POST,1), 'purple'); die('comment out line ' . __LINE__); }


// *** Build Standard Block Elements

  // js encrypting 
  $uh_fn = $this->LoginForm->EL[$this->uh_fn]->name;
  $uh_fn_signal = $this->LoginForm->EL[$this->uh_fn]->_html_signal;
  $pw_fn = $this->LoginForm->EL[$this->pw_fn]->name;
  $pw_fn_signal = $this->LoginForm->EL[$this->pw_fn]->_html_signal;
  $nonce = $this->get_login_nonce();
  
  $head_js_enc = <<<HTML
  
<script type="text/javascript" src="{$this->js_md5_src}"></script>
  
<script type="text/javascript">

function cx_hidden_input_field(name, value)
{
  var Obj = document.createElement("input");
  Obj.setAttribute("type", "hidden");
  Obj.setAttribute("name", name);
  Obj.setAttribute("value", value);
  return Obj;
}

function ace_pw_hash() {

  // get values submitted
  var FormData        = document.getElementById("{$ace_form_name}");
  var client_handle   = FormData.{$uh_fn}.value;
  var client_pw       = FormData.{$pw_fn}.value;
  var client_ssspw    = hex_md5("{$this->hash_salt}" + client_pw);
  
  // if client_pw is empty, make this empty (else won't be validated correctly)
  var client_nssspw = ( client_pw != "" ) ? hex_md5(client_ssspw + "$nonce") : "";
  
  // hard debug
  var hard_debug = 0;
  if ( hard_debug ) alert("nonce : " + "$nonce");
  if ( hard_debug ) alert(client_ssspw);

  // add js_data as hidden field
  var CeoSubmitTrigger  = cx_hidden_input_field('{$this->LoginForm->form_submit_trigger}', client_nssspw);
  var HandleInput       = cx_hidden_input_field('{$uh_fn}', client_handle);
  var HandleTrigger     = cx_hidden_input_field('{$uh_fn_signal}', 1);
  var PwInput           = cx_hidden_input_field('{$pw_fn}', client_nssspw);
  var PwTrigger         = cx_hidden_input_field('{$pw_fn_signal}', 1);
  
  // append element object to form
  document.forms["{$hash_form_name}"].appendChild(HandleInput);
  document.forms["{$hash_form_name}"].appendChild(HandleTrigger);
  document.forms["{$hash_form_name}"].appendChild(PwInput);
  document.forms["{$hash_form_name}"].appendChild(PwTrigger);
  document.forms["{$hash_form_name}"].appendChild(CeoSubmitTrigger);
  
  // auto submit data
  var HashForm = document.getElementById("{$hash_form_name}");
  HashForm.submit();
}

</script>
  
HTML;
  
  // build head
  $_HTML['head'] = <<<HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
  <title>{$head_title}</title>
  <meta name="Description" content="{$head_descrip}" />
  <meta name="Keywords" content="{$head_keywords}" />
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  
  $head_js_enc
  
  $head_favicon1
  $head_favicon2  

$head_ext_css

<style type="text/css">
{$_CSS['login_form']}
</style>

   
</head>
<!-- ============================== head / body ============================ -->
  
HTML;

    
  // build form
  $_HTML['form'] = <<<HTML
  
<div id="ace_form_wrapper">
<form id="{$ace_form_name}" name="{$ace_form_name}" method="post" action="{$form_action}">
{$_HTML['login_name']}
{$_HTML['login_pw']}
<noscript>{$_HTML['noscript_flag']}</noscript>
<noscript>{$_HTML['submit_bx']}</noscript>
<script type="text/javascript">document.write('<input type="button" name="md5_login" value="$js_login_bx_label" onclick="javascript:ace_pw_hash();" />');</script>
</form>
</div>
  
HTML;

  // build hash form (for js pseudo-encryption)
  $_HTML['hash_form'] = <<<HTML
  
<script type="text/javascript">
document.write('<form id="{$hash_form_name}" method="post" action="{$form_action}">');
document.write('</form>');
</script>
  
HTML;

  // other blocks
  $_HTML['form_header'] = "<h2>{$head_title}</h2>";
  $_HTML['prompt'] = $this->print_prompt_block();
  $_HTML['status'] = $this->print_status_block();
    
  
// *** Assemble Blocks into Panels

  $_PANEL['login'] = <<<HTML
  
<div id="ceo_login_panel">
{$_HTML['form_header']}
{$_HTML['prompt']}
{$_HTML['form']}
{$_HTML['hash_form']}
{$_HTML['status']}
</div>  
  
HTML;

  
// *** Output Full Template

  $_PAGE['login'] = <<<HTML
{$_HTML['head']}

<body>
<div class="page" id="ceo_login_page">

{$_PANEL['login']}
  
</div> <!-- end page -->

</body>
</html>
  
HTML;

  print $_PAGE['login'];
  die('<!-- login form complete -->');
  
  

  if ( $this->debug ) $this->print_d(__FILE__ . ' template file loaded');
?>
